Chromium Code Reviews Chromium Code Reviews
Issue 14125003:
Do not roll back to SSL 3.0 for Google properties. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include <string> | |
| 6 | |
| 7 #include "base/memory/ref_counted.h" | |
| 8 #include "base/memory/scoped_ptr.h" | |
| 9 #include "net/base/net_util.h" | |
| 10 #include "net/base/request_priority.h" | |
| 11 #include "net/dns/mock_host_resolver.h" | |
| 12 #include "net/http/http_auth_handler_mock.h" | |
| 13 #include "net/http/http_network_session.h" | |
| 14 #include "net/http/http_network_transaction.h" | |
| 15 #include "net/http/http_request_info.h" | |
| 16 #include "net/http/http_server_properties_impl.h" | |
| 17 #include "net/http/transport_security_state.h" | |
| 18 #include "net/proxy/proxy_service.h" | |
| 19 #include "net/socket/socket_test_util.h" | |
| 20 #include "testing/gtest/include/gtest/gtest.h" | |
| 21 | |
| 22 namespace net { | |
| 23 | |
| 24 namespace { | |
| 25 | |
| 26 class TLS1OnlySSLConfigService : public SSLConfigService { | |
|
wtc
2013/04/18 18:15:34
It seems wrong to call this SSLConfigService "TLS1
| |
| 27 public: | |
| 28 TLS1OnlySSLConfigService() { | |
| 29 ssl_config_.version_min = SSL_PROTOCOL_VERSION_SSL3; | |
| 30 ssl_config_.version_max = SSL_PROTOCOL_VERSION_TLS1; | |
| 31 } | |
| 32 | |
| 33 virtual void GetSSLConfig(SSLConfig* config) OVERRIDE { | |
| 34 *config = ssl_config_; | |
| 35 } | |
| 36 | |
| 37 private: | |
| 38 virtual ~TLS1OnlySSLConfigService() {} | |
| 39 | |
| 40 SSLConfig ssl_config_; | |
| 41 }; | |
| 42 | |
| 43 class TLS11SSLConfigService : public SSLConfigService { | |
| 44 public: | |
| 45 TLS11SSLConfigService() { | |
| 46 ssl_config_.version_min = SSL_PROTOCOL_VERSION_SSL3; | |
| 47 ssl_config_.version_max = SSL_PROTOCOL_VERSION_TLS1_1; | |
| 48 } | |
| 49 | |
| 50 virtual void GetSSLConfig(SSLConfig* config) OVERRIDE { | |
| 51 *config = ssl_config_; | |
| 52 } | |
| 53 | |
| 54 private: | |
| 55 virtual ~TLS11SSLConfigService() {} | |
| 56 | |
| 57 SSLConfig ssl_config_; | |
| 58 }; | |
| 59 | |
| 60 } // namespace | |
| 61 | |
| 62 class HttpNetworkTransactionSSLTest : public testing::Test { | |
| 63 protected: | |
| 64 virtual void SetUp() { | |
| 65 ssl_config_service_ = new TLS1OnlySSLConfigService; | |
| 66 session_params_.ssl_config_service = ssl_config_service_.get(); | |
| 67 | |
| 68 auth_handler_factory_.reset(new HttpAuthHandlerMock::Factory()); | |
| 69 session_params_.http_auth_handler_factory = auth_handler_factory_.get(); | |
| 70 | |
| 71 proxy_service_.reset(ProxyService::CreateDirect()); | |
| 72 session_params_.proxy_service = proxy_service_.get(); | |
| 73 | |
| 74 session_params_.client_socket_factory = &mock_socket_factory_; | |
| 75 session_params_.host_resolver = &mock_resolver_; | |
| 76 session_params_.http_server_properties = &http_server_properties_; | |
| 77 session_params_.transport_security_state = &transport_security_state_; | |
| 78 } | |
| 79 | |
| 80 HttpRequestInfo* GetRequestInfo(std::string url) { | |
| 81 HttpRequestInfo* request_info = new HttpRequestInfo; | |
| 82 request_info->url = GURL(url); | |
| 83 request_info->method = "GET"; | |
| 84 return request_info; | |
| 85 } | |
| 86 | |
| 87 SSLConfig& GetServerSSLConfig(HttpNetworkTransaction* trans) { | |
| 88 return trans->server_ssl_config_; | |
| 89 } | |
| 90 | |
| 91 scoped_refptr<SSLConfigService> ssl_config_service_; | |
| 92 scoped_ptr<HttpAuthHandlerMock::Factory> auth_handler_factory_; | |
| 93 scoped_ptr<ProxyService> proxy_service_; | |
| 94 | |
| 95 MockClientSocketFactory mock_socket_factory_; | |
| 96 MockHostResolver mock_resolver_; | |
| 97 HttpServerPropertiesImpl http_server_properties_; | |
| 98 TransportSecurityState transport_security_state_; | |
| 99 HttpNetworkSession::Params session_params_; | |
| 100 }; | |
| 101 | |
| 102 // Tests that HttpNetworkTransaction does not attempt to | |
| 103 // fallback to SSL 3.0 when a TLS 1.0 handshake fails and: | |
| 104 // * the site is pinned to the Google pin list (indicating that | |
| 105 // it is a Google site); | |
| 106 // * SSL 3.0 fallback is disabled. | |
|
wtc
2013/04/18 18:15:34
All instances of "SSL 3.0 fallback" in this file s
| |
| 107 TEST_F(HttpNetworkTransactionSSLTest, SSL3FallbackDisabled_Google) { | |
| 108 // |ssl_data1| is for the first handshake (TLS 1.0), which will fail for | |
| 109 // protocol reasons (e.g., simulating a version rollback attack). | |
| 110 // Because SSL 3.0 fallback is disabled, only this simulated SSL handshake | |
| 111 // is consumed. | |
| 112 SSLSocketDataProvider ssl_data1(ASYNC, ERR_SSL_PROTOCOL_ERROR); | |
| 113 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data1); | |
| 114 StaticSocketDataProvider data1(NULL, 0, NULL, 0); | |
| 115 mock_socket_factory_.AddSocketDataProvider(&data1); | |
| 116 | |
| 117 // This extra handshake, which should be unconsumed, is provided to ensure | |
| 118 // that even if the behaviour being tested here ever breaks (and Google | |
| 119 // properties begin SSL 3.0 fallbacks), this test will not crash (and bring | |
| 120 // down all of net_unittests), but it will fail gracefully. | |
| 121 SSLSocketDataProvider ssl_data2(ASYNC, ERR_SSL_PROTOCOL_ERROR); | |
| 122 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data2); | |
| 123 StaticSocketDataProvider data2(NULL, 0, NULL, 0); | |
| 124 mock_socket_factory_.AddSocketDataProvider(&data2); | |
| 125 | |
| 126 scoped_refptr<HttpNetworkSession> session( | |
| 127 new HttpNetworkSession(session_params_)); | |
| 128 scoped_ptr<HttpNetworkTransaction> trans( | |
| 129 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); | |
| 130 | |
| 131 TestCompletionCallback callback; | |
| 132 // This will consume only |ssl_data1|. |ssl_data2| will not be consumed. | |
| 133 int rv = callback.GetResult( | |
| 134 trans->Start(GetRequestInfo("https://www.google.com/"), | |
| 135 callback.callback(), BoundNetLog())); | |
| 136 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, rv); | |
| 137 | |
| 138 SocketDataProviderArray<SocketDataProvider>& mock_data = | |
| 139 mock_socket_factory_.mock_data(); | |
| 140 // Confirms that only |ssl_data1| is consumed. | |
| 141 EXPECT_EQ(1u, mock_data.next_index()); | |
| 142 | |
| 143 SSLConfig& ssl_config = GetServerSSLConfig(trans.get()); | |
| 144 // |version_max| never fallbacks to SSLv3 for Google properties. | |
| 145 EXPECT_EQ(SSL_PROTOCOL_VERSION_TLS1, ssl_config.version_max); | |
| 146 EXPECT_FALSE(ssl_config.version_fallback); | |
| 147 } | |
| 148 | |
| 149 // Tests that HttpNetworkTransaction attempts to fallback to SSL 3.0 | |
| 150 // when a TLS 1.0 handshake fails and: | |
| 151 // * the site is pinned to the Google pin list (indicating that | |
| 152 // it is a Google site); | |
| 153 // * SSL 3.0 fallback is enabled. | |
| 154 TEST_F(HttpNetworkTransactionSSLTest, SSL3FallbackEnabled_Google) { | |
| 155 // |ssl_data1| is for the first handshake (TLS 1.0), which will fail for | |
| 156 // protocol reasons (e.g., simulating a version rollback attack). | |
| 157 SSLSocketDataProvider ssl_data1(ASYNC, ERR_SSL_PROTOCOL_ERROR); | |
| 158 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data1); | |
| 159 StaticSocketDataProvider data1(NULL, 0, NULL, 0); | |
| 160 mock_socket_factory_.AddSocketDataProvider(&data1); | |
| 161 | |
| 162 // |ssl_data2| contains the handshake result for a SSL 3.0 | |
| 163 // handshake which will be attempted after the TLS 1.0 | |
| 164 // handshake fails. | |
| 165 SSLSocketDataProvider ssl_data2(ASYNC, ERR_SSL_PROTOCOL_ERROR); | |
| 166 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data2); | |
| 167 StaticSocketDataProvider data2(NULL, 0, NULL, 0); | |
| 168 mock_socket_factory_.AddSocketDataProvider(&data2); | |
| 169 | |
| 170 scoped_refptr<HttpNetworkSession> session( | |
| 171 new HttpNetworkSession(session_params_)); | |
| 172 scoped_ptr<HttpNetworkTransaction> trans( | |
| 173 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); | |
| 174 | |
| 175 SSLConfig& ssl_config = GetServerSSLConfig(trans.get()); | |
| 176 ssl_config.ssl3_fallback_enabled = true; | |
| 177 | |
| 178 TestCompletionCallback callback; | |
| 179 // This will consume |ssl_data1| and |ssl_data2|. | |
| 180 int rv = callback.GetResult( | |
| 181 trans->Start(GetRequestInfo("https://www.google.com/"), | |
| 182 callback.callback(), BoundNetLog())); | |
| 183 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, rv); | |
| 184 | |
| 185 SocketDataProviderArray<SocketDataProvider>& mock_data = | |
| 186 mock_socket_factory_.mock_data(); | |
| 187 // Confirms that both |ssl_data1| and |ssl_data2| are consumed. | |
| 188 EXPECT_EQ(2u, mock_data.next_index()); | |
| 189 | |
| 190 // |version_max| fallbacks to SSL 3.0 for Google properties when | |
| 191 // |ssl3_fallback_enabled| is true. | |
| 192 EXPECT_EQ(SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_max); | |
| 193 EXPECT_TRUE(ssl_config.version_fallback); | |
| 194 } | |
| 195 | |
| 196 // Tests that HttpNetworkTransaction attempts to fallback to SSL 3.0 | |
| 197 // when a TLS 1.0 handshake fails and the site is not a Google domain, | |
| 198 // even if SSL 3.0 fallback is disabled. | |
| 199 // TODO(thaidn): revise the above comment and this test when the | |
| 200 // SSL 3.0 fallback experiment is applied for non-Google domains. | |
| 201 TEST_F(HttpNetworkTransactionSSLTest, SSL3FallbackDisabled_Paypal) { | |
| 202 // |ssl_data1| is for the first handshake (TLS 1.0), which will fail | |
| 203 // for protocol reasons (e.g., simulating a version rollback attack). | |
| 204 SSLSocketDataProvider ssl_data1(ASYNC, ERR_SSL_PROTOCOL_ERROR); | |
| 205 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data1); | |
| 206 StaticSocketDataProvider data1(NULL, 0, NULL, 0); | |
| 207 mock_socket_factory_.AddSocketDataProvider(&data1); | |
| 208 | |
| 209 // |ssl_data2| contains the handshake result for a SSL 3.0 | |
| 210 // handshake which will be attempted after the TLS 1.0 | |
| 211 // handshake fails. | |
| 212 SSLSocketDataProvider ssl_data2(ASYNC, ERR_SSL_PROTOCOL_ERROR); | |
| 213 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data2); | |
| 214 StaticSocketDataProvider data2(NULL, 0, NULL, 0); | |
| 215 mock_socket_factory_.AddSocketDataProvider(&data2); | |
| 216 | |
| 217 scoped_refptr<HttpNetworkSession> session( | |
| 218 new HttpNetworkSession(session_params_)); | |
| 219 scoped_ptr<HttpNetworkTransaction> trans( | |
| 220 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); | |
| 221 | |
| 222 TestCompletionCallback callback; | |
| 223 // This will consume |ssl_data1| and |ssl_data2|. | |
| 224 int rv = callback.GetResult( | |
| 225 trans->Start(GetRequestInfo("https://www.paypal.com/"), | |
| 226 callback.callback(), BoundNetLog())); | |
| 227 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, rv); | |
| 228 | |
| 229 SocketDataProviderArray<SocketDataProvider>& mock_data = | |
| 230 mock_socket_factory_.mock_data(); | |
| 231 // Confirms that both |ssl_data1| and |ssl_data2| are consumed. | |
| 232 EXPECT_EQ(2u, mock_data.next_index()); | |
| 233 | |
| 234 SSLConfig& ssl_config = GetServerSSLConfig(trans.get()); | |
| 235 // |version_max| fallbacks to SSL 3.0. | |
| 236 EXPECT_EQ(SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_max); | |
| 237 EXPECT_TRUE(ssl_config.version_fallback); | |
| 238 } | |
| 239 | |
| 240 // Tests that HttpNetworkTransaction attempts to fallback from | |
| 241 // TLS 1.1 to TLS 1.0, then from TLS 1.0 to SSL 3.0. | |
| 242 TEST_F(HttpNetworkTransactionSSLTest, SSLFallback) { | |
| 243 ssl_config_service_ = new TLS11SSLConfigService; | |
| 244 session_params_.ssl_config_service = ssl_config_service_.get(); | |
| 245 // |ssl_data1| is for the first handshake (TLS 1.1), which will fail for | |
| 246 // protocol reasons (e.g., simulating a version rollback attack). | |
| 247 SSLSocketDataProvider ssl_data1(ASYNC, ERR_SSL_PROTOCOL_ERROR); | |
| 248 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data1); | |
| 249 StaticSocketDataProvider data1(NULL, 0, NULL, 0); | |
| 250 mock_socket_factory_.AddSocketDataProvider(&data1); | |
| 251 | |
| 252 // |ssl_data2| contains the handshake result for a TLS 1.0 | |
| 253 // handshake which will be attempted after the TLS 1.1 | |
| 254 // handshake fails. | |
| 255 SSLSocketDataProvider ssl_data2(ASYNC, ERR_SSL_PROTOCOL_ERROR); | |
| 256 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data2); | |
| 257 StaticSocketDataProvider data2(NULL, 0, NULL, 0); | |
| 258 mock_socket_factory_.AddSocketDataProvider(&data2); | |
| 259 | |
| 260 // |ssl_data3| contains the handshake result for a SSL 3.0 | |
| 261 // handshake which will be attempted after the TLS 1.0 | |
| 262 // handshake fails. | |
| 263 SSLSocketDataProvider ssl_data3(ASYNC, ERR_SSL_PROTOCOL_ERROR); | |
| 264 mock_socket_factory_.AddSSLSocketDataProvider(&ssl_data3); | |
| 265 StaticSocketDataProvider data3(NULL, 0, NULL, 0); | |
| 266 mock_socket_factory_.AddSocketDataProvider(&data3); | |
| 267 | |
| 268 scoped_refptr<HttpNetworkSession> session( | |
| 269 new HttpNetworkSession(session_params_)); | |
| 270 scoped_ptr<HttpNetworkTransaction> trans( | |
| 271 new HttpNetworkTransaction(DEFAULT_PRIORITY, session)); | |
| 272 | |
| 273 TestCompletionCallback callback; | |
| 274 // This will consume |ssl_data1|, |ssl_data2| and |ssl_data3|. | |
| 275 int rv = callback.GetResult( | |
| 276 trans->Start(GetRequestInfo("https://www.paypal.com/"), | |
| 277 callback.callback(), BoundNetLog())); | |
| 278 EXPECT_EQ(ERR_SSL_PROTOCOL_ERROR, rv); | |
| 279 | |
| 280 SocketDataProviderArray<SocketDataProvider>& mock_data = | |
| 281 mock_socket_factory_.mock_data(); | |
| 282 // Confirms that |ssl_data1|, |ssl_data2| and |ssl_data3| are consumed. | |
| 283 EXPECT_EQ(3u, mock_data.next_index()); | |
| 284 | |
| 285 SSLConfig& ssl_config = GetServerSSLConfig(trans.get()); | |
| 286 // |version_max| fallbacks to SSL 3.0. | |
| 287 EXPECT_EQ(SSL_PROTOCOL_VERSION_SSL3, ssl_config.version_max); | |
| 288 EXPECT_TRUE(ssl_config.version_fallback); | |
| 289 } | |
| 290 | |
| 291 } // namespace net | |
| 292 | |
| OLD | NEW |
